summaryrefslogtreecommitdiffstats
path: root/extensions
diff options
context:
space:
mode:
authorJan Engelhardt <jengelh@medozas.de>2008-02-11 00:57:18 +0100
committerPatrick McHardy <kaber@trash.net>2008-04-06 18:39:24 +0200
commit1a756e948d66ca17f088411c175858cae19bfd66 (patch)
tree115524831def1232aeecc6bcb72e2f323ec9dbba /extensions
parentdbb77543ad6afe29e9a1881b2d4fc212de621a55 (diff)
Update the libxt_owner manpage with the UID/GID-range feature
Diffstat (limited to 'extensions')
-rw-r--r--extensions/libxt_owner.man15
1 files changed, 9 insertions, 6 deletions
diff --git a/extensions/libxt_owner.man b/extensions/libxt_owner.man
index add23690..344ce2ea 100644
--- a/extensions/libxt_owner.man
+++ b/extensions/libxt_owner.man
@@ -3,14 +3,17 @@ for locally generated packets. This match is only valid in the OUTPUT and
POSTROUTING chains. Forwarded packets do not have any socket associated with
them. Packets from kernel threads do have a socket, but usually no owner.
.TP
-\fB--uid-owner\fR \fIuserid\fR
+\fB--uid-owner\fR \fIusername\fR
+.TP
+\fB--uid-owner\fR \fIuserid\fR[\fB-\fR\fIuserid\fR]
Matches if the packet socket's file structure (if it has one) is owned by the
-given user ID. A user name may be specified in place of \fIuserid\fR, in which
-case iptables will try to look it up.
+given user. You may also specify a numerical UID, or an UID range.
+.TP
+\fB--gid-owner\fR \fIgroupname\fR
.TP
-\fB--gid-owner\fR \fIgroupid\fR
-Matches if the packet socket's file structure is owned by the given group ID.
-A group name may be specified in place of \fIgroupid\fR.
+\fB--gid-owner\fR \fIgroupid\fR[\fB-\fR\fIgroupid\fR]
+Matches if the packet socket's file structure is owned by the given group.
+You may also specify a numerical GID, or a GID range.
.TP
\fB--socket-exists\fR
Matches if the packet is associated with a socket.